Check Point Advisories

Update Protection against a Vulnerability in Microsoft FrontPage Server Extensions Vulnerability (MS06-017)

Check Point Reference: CPAi-2006-035
Date Published: 11 Apr 2006
Severity: Medium
Last Updated: Monday 07 May, 2007
Source: Microsoft Security Bulletin MS06-017
Industry Reference:CVE-2006-0015
Protection Provided by:
Who is Vulnerable? Microsoft FrontPage Server Extensions
Microsoft SharePoint Team Services
Vulnerability Description FrontPage Server Extensions is a set of tools that can be installed on a Web site. They allow authorized personnel to manage the server, add or change content, and perform other tasks. A vulnerability was detected in Front Page Server Extensions that may allow an attacker take a variety of actions including monitoring the Web session and forwarding information to a third party, running other code on the user's system, and reading or writing cookies.

SmartDefense Update on May 16, 2006
This advisory has been updated on May 16, 2006 to reflect the adition of a modified solution against this vulnerability. Refer to the Solution tab for more details.  

Vulnerability Status 
Vulnerability DetailsThe vulnerability is caused by the way that FrontPage Server Extensions handles parameter validation. To exploit the vulnerability, an attacker could send a specially crafted e-mail message to a user of a server that is running an affected software application or persuade the user to click a link in the e-mail message.

Protection Overview

This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.